SPbinder

How does SurePrep safeguard the security of my clients’ data?

Client tax information is electronically shared on secure SurePrep servers utilizing the latest data encryption technology. SurePrep servers are located in redundant SSAE 16 certified Internet Data Centers located in the continental US. All information is maintained online and a log entry is automatically generated each time it is accessed. In addition, SurePrep accountants are bound by comprehensive non-disclosure agreements that require complete confidentiality. For additional information please view the FAQ titled “Security“.

What kind of engagement types are appropriate for SPbinder?

SPbinder can be used on any engagement type. The organizational structure of 1040 and 1041 returns are set up automatically and custom engagement types can be created for business entity returns, compilations, reviews, audits or any other type. Binder templates can then be used to minimize set up time and to promote standardization.

How is SPbinder different from Adobe Acrobat?

Many tasks that accountants need to perform like bookmarking and organizing workpapers, signing off workpapers, merging subsequent documents like a late K-1, communicating between staff members and incorporating file types such as Microsoft Word and Excel are time consuming and difficult to do in Adobe Acrobat, if you can perform them in Acrobat at all. SPbinder performs these and many other accounting related tasks with ease.

Security

Hosted Web Servers

SurePrep’s production servers are managed by SurePrep staff and hosted by IBM at data centers in Dallas, Seattle and Washington D.C. Our servers and firewalls are monitored on a 24/7 basis. Performance reports are generated to assure maximum operational availability. Citrix NetScalar load balancing is in place to achieve the best possible system performance. Through monthly patch management, we are constantly updating our security software to protect against unauthorized access to our network systems. Daily back-ups are performed and stored off-site.

Facility Security

  • Access limited to IBM IT staff only
  • Proximity security badge access
  • Individual card key access
  • Digital security video surveillance

Environmental Controls

  • Static free environment
  • 24 X 7 NOC personnel presence
  • Redundant Liebert 30-ton HVAC units
  • Pre-Action dry pipe fire suppression

Network Operations Center

  • Permissively neutral network
  • Multi-homed connectivity with redundant 10 Gbit/s Tier 1 carriers (over 80 Gbit/s bandwidth)

Building Power

  • Continuous, uninterrupted operation
  • N + 1 paralleled generator and UPS power systems

Certifications

  • IBM data centers are SAS-70 Type II and SSAE 16 certified.

SurePrep Tax Center

The SurePrep Tax Center is a Microsoft SQL based ASP application.  Password protected logins restrict access to registered users.  User passwords are encrypted in the SQL database and a log is maintained of all users that access the system.  The SurePrep Tax Center uses 2048-bit Secure Socket Layer encryption for all data transfers.  This is the same encryption technology used by banks for securing online banking transactions.

Non-disclosure / Confidentiality Agreements

All SurePrep employees in the U.S. and India are required to sign non-disclosure/confidentiality agreements.  Each employee is bound by the agreement and not allowed to discuss information from engagements they are working on with anyone unless there is a question related to the preparation of the engagement.  Preparers and reviewers are only allowed to request help from their direct supervisors.

Service Centers

SurePrep has implemented a comprehensive service center security policy that is designed to ensure the protection of data. Security measures include policies that:

  1. Restrict physical access to the processing and server environments.
  2. Ensure a paperless environment so data cannot be removed from the facility.
  3. Standard computer hardware and software configurations restrict access to email and Internet sites.
  4. Thin clients are used with centrally managed servers. No data ever resides on the diskless thin client, and provide only keyboard, video and mouse input.
  5. PC-based workstations do not have CD or floppy drives and USB ports are disabled.

Certifications

  • SurePrep is ISO 9001:2008 Certified.

Physical Security

  • A security guard is stationed at the entrance.
  • Access card required to enter the facility.
  • Access card required to enter the server room.  Access is restricted to the IT and service center manager.

Paperless Environment

  • Returns are prepared in a paperless environment.  No source documents or tax returns are printed
  • The printer in the server room is limited to printing management reports
  • Paper shredders are used by management to shred management reports

Personal Belongings

  • Briefcases and other personal belongings are not allowed in the service center

Hardware

  • There are no removable media devices.  PC hard drives are read only.

Internet Access

  • No access to email
  • Outlook and Outlook Express have been removed from all PC’s
  • No access to internet except for:
    • SurePrep site for return processing
    • Global fx site for return processing
    • GoSystem RS site for return processing
    • RIA Checkpoint access is allowed for supervisors only

Software Configuration for PC-based Workstations

  • Windows XP or 7
  • MS Word and Excel
  • Acrobat Reader or Bluebeam
  • McAfee antivirus
  • WinZip, WinRAR or PeaZip
  • SurePrep processing software
  • Tax processing software